Correctness of Peterson Critical Section Algorithm

This example builds on techniques developed for the Alternating Bit Protocol, but the proof makes especially good
use of the product of case analyses. There are 10 binary case splits, and
therefore 2^10 = 1024 cases altogether. Although many of these cases are
automatically eliminated by BOBJ because they fail to satisfy the condition of
the equation being proved, the output is still very voluminous, since every case is
documented, including the failures. (The purpose of the condition in the
equation of the correctness criterion is to eliminate cases that cannot
occur, i.e., combinations of variable values that no execution of the algorithm
can reach.) One can also see many instances of circularities in the output,
signaled by the keyword "deduced". This example is still in an
early stage of development, and there is as yet very little explanation; it is
highly likely to become more polished in the future.

The specification and proof score are given in section 1. Only an
extract from the output is given in section 2, since the full output is very voluminous;
a link to the full output is provided for those who want to
see it. Note that execution time is exponential in the number of case splits
(each binary split doubles the number of cases to be checked).
Notice also that the fair streams used here differ from those in the
alternating bit protocol, since they need to be fair to each of the two
processes (neither process may be starved of steps forever), instead of being fair to channel success, but not failure.
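The product of case analyses above is, in effect, an enumeration of every combination of values the algorithm's variables can take, with unreachable combinations discarded. The following added example (not part of this page, and not BOBJ code) does the same job by brute force: it models Peterson's algorithm for two processes as a small state machine and explores every interleaving with breadth-first search, checking the correctness criterion that both processes are never in the critical section at once. To show that the check has teeth, it also runs a deliberately broken variant in which each process sets `turn` before its own flag, and reports the shortest interleaving that violates mutual exclusion. The state encoding, the six program-counter positions, and the `swap` flag are this example's own assumptions.

```python
"""Exhaustive case analysis of Peterson's two-process mutual-exclusion algorithm.

Constructed example: an explicit-state model checker over all interleavings.
Each process runs the lines
    0 noncritical section
    1 flag[i] := 1
    2 turn := j
    3 wait until flag[j] == 0 or turn == i      (busy-wait, one atomic test)
    4 critical section
    5 flag[i] := 0
A state is the tuple (pc0, pc1, flag0, flag1, turn).
"""
from collections import deque

NONCRIT, SET_FLAG, SET_TURN, WAIT, CRIT, EXIT = range(6)
INIT = (NONCRIT, NONCRIT, 0, 0, 0)


def peterson_step(state, i, swap=False):
    """Successor of `state` when process i executes its current line.

    Returns None if process i is blocked at its busy-wait.  With swap=True the
    process executes `turn := j` before `flag[i] := 1` (a deliberately broken
    variant, assumed here to demonstrate a failed check).
    """
    pc = list(state[:2])
    flag = list(state[2:4])
    turn = state[4]
    j = 1 - i
    line = pc[i]
    if swap and line in (SET_FLAG, SET_TURN):
        line = SET_TURN if line == SET_FLAG else SET_FLAG
    if line == SET_FLAG:
        flag[i] = 1
    elif line == SET_TURN:
        turn = j
    elif line == WAIT:
        if flag[j] == 1 and turn == j:
            return None  # other process holds priority: keep spinning
    elif line == EXIT:
        flag[i] = 0
    pc[i] = (pc[i] + 1) % 6  # EXIT wraps back to the noncritical section
    return (pc[0], pc[1], flag[0], flag[1], turn)


def trace(parent, s):
    """Reconstruct the interleaving (list of process ids) that reaches state s."""
    steps = []
    while parent[s] is not None:
        s, i = parent[s]
        steps.append(i)
    return steps[::-1]


def explore(swap=False):
    """BFS over all reachable states.

    Returns (reachable, violation, deadlock): the set of reachable states, the
    shortest interleaving reaching a state with both processes in the critical
    section (or None), and a reachable state in which both processes are
    blocked (or None).
    """
    parent = {INIT: None}
    queue = deque([INIT])
    violation = deadlock = None
    while queue:
        s = queue.popleft()
        if s[0] == CRIT and s[1] == CRIT and violation is None:
            violation = trace(parent, s)
        succs = [(i, peterson_step(s, i, swap)) for i in (0, 1)]
        succs = [(i, t) for i, t in succs if t is not None]
        if not succs and deadlock is None:
            deadlock = s
        for i, t in succs:
            if t not in parent:
                parent[t] = (s, i)
                queue.append(t)
    return set(parent), violation, deadlock


def replay(steps, swap=False):
    """Re-execute an interleaving from INIT and return the final state."""
    s = INIT
    for i in steps:
        s = peterson_step(s, i, swap)
        if s is None:
            raise ValueError("interleaving executes a blocked process")
    return s


if __name__ == "__main__":
    for swap in (False, True):
        reachable, violation, deadlock = explore(swap)
        label = "turn-before-flag variant" if swap else "Peterson"
        print(f"{label}: {len(reachable)} reachable states of 6*6*2*2*2 = 288")
        print("  mutual exclusion:", "VIOLATED by interleaving %s" % violation
              if violation else "holds")
        print("  deadlock:", deadlock if deadlock else "none")
```

Running the block prints, for the correct algorithm, that mutual exclusion holds and no deadlock state is reachable, and for the swapped variant an 8-step interleaving (four steps of each process) that puts both in the critical section. The count of reachable states is the brute-force counterpart of the BOBJ output's surviving cases; the discarded states are exactly those that "cannot occur". What this check does not cover is the fairness property that the page's fair streams address: a process waiting at line 3 is guaranteed to enter only if the scheduler keeps giving it steps, which a reachability search of this kind does not by itself assert.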